Covering Disruptive Technology Powering Business in The Digital Age

IBM FlashSystem’s Cyber Resiliency Explained
November 24, 2021 Library


Cyber resilience is a measure of how well an organisation can manage in the face of a cyber attack or a data breach. In short, cyber resilience is about ensuring your business operations are safeguarded and, in the event of an attack or breach, your operations are not immobilised.

It is generally accepted that there are four components of cyber resilience. These are threat protection, recoverability, adaptability and durability.

With IBM FlashSystem, storage plays a part in bolstering an organisation’s cyber resiliency, specifically around threat protection and recoverability.

Threat protection involves monitoring digital assets in real time, spotting potential threats and, in addition to blocking those threats, immediately mitigating in case the attack manages a successful breach. IBM FlashSystem’s management software integrates with IBM’s QRadar threat detection solution.

QRadar is IBM’s consolidated Security Information and Event Management (SIEM) solution that can provide real-time visibility of an organisation’s entire IT infrastructure. It does so by collecting and analysing various security information from event logs and data flows between all the devices, endpoints and apps across a particular network.

In the event that QRadar identifies a potentially malicious activity, it can trigger an immediate backup of data or systems it perceived to be under threat.

Recoverability is about being able to bring back uncorrupted, recent versions of your data or systems in the event they have been breached by a cyber attack. In recent times, ransomware has upped the ante, with recoverability coming under greater threat. Unlocking a ransomed system may be impossible, so other methods of recovery are critical. IBM FlashSystem’s management software includes a function called “Safeguarded Copy”, which creates immutable snapshots of your data and applications.

These snapshots are also air-gapped, meaning that malware or ransomware cannot traverse or tamper with your backup data.

Immutability means the snapshots cannot be changed or amended, so recovery is assured by restoring the last malware-free snapshot that was saved.

Deployed and managed correctly, this creates certainty that recoverability can be achieved even in a successful ransomware attack.

In this way, IBM FlashSystem can be implemented as a foundational pillar for an organisation’s cyber resilience strategy.